PH12020550006A1 - Key attestation statement generation providing device anonymity - Google Patents
Key attestation statement generation providing device anonymityInfo
- Publication number
- PH12020550006A1 PH12020550006A1 PH12020550006A PH12020550006A PH12020550006A1 PH 12020550006 A1 PH12020550006 A1 PH 12020550006A1 PH 12020550006 A PH12020550006 A PH 12020550006A PH 12020550006 A PH12020550006 A PH 12020550006A PH 12020550006 A1 PH12020550006 A1 PH 12020550006A1
- Authority
- PH
- Philippines
- Prior art keywords
- attestation
- public
- private key
- certificate
- providing device
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/72—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/73—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/006—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0827—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
- H04L9/0897—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3265—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/42—Anonymization, e.g. involving pseudonyms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- Computing Systems (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Storage Device Security (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Medicines Containing Antibodies Or Antigens For Use As Internal Diagnostic Agents (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
A computing device sends a request for an attestation certificate to an attestation service along with information regarding the hardware and/or software of the device. The attestation service processes the request and verifies the information received from the device. After verifying the information, the attestation service selects a public/private key pair from a collection of reusable public/private key pairs and generates an attestation certificate for the device and public key of the public/private key pair. This attestation certificate is digitally signed by the attestation service and returned to the device. The private key of the selected public/private key pair is also encrypted to a trusted secure component of the device, ensuring that the key cannot be stolen by malware and re-used on another device, and is returned to the device. The device uses this attestation certificate to access relying parties, and optionally generates additional public/private key pairs and attestation certificates.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/649,085 US10819696B2 (en) | 2017-07-13 | 2017-07-13 | Key attestation statement generation providing device anonymity |
PCT/US2018/034795 WO2019013886A1 (en) | 2017-07-13 | 2018-05-28 | Key attestation statement generation providing device anonymity |
Publications (1)
Publication Number | Publication Date |
---|---|
PH12020550006A1 true PH12020550006A1 (en) | 2020-10-12 |
Family
ID=62621070
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PH12020550006A PH12020550006A1 (en) | 2017-07-13 | 2020-01-02 | Key attestation statement generation providing device anonymity |
Country Status (17)
Country | Link |
---|---|
US (2) | US10819696B2 (en) |
EP (1) | EP3652882A1 (en) |
JP (1) | JP7077394B2 (en) |
KR (1) | KR102451109B1 (en) |
CN (1) | CN110892672B (en) |
AU (1) | AU2018299716B2 (en) |
BR (1) | BR112020000220A2 (en) |
CA (1) | CA3067540A1 (en) |
CL (1) | CL2020000081A1 (en) |
CO (1) | CO2020000162A2 (en) |
IL (1) | IL271812B2 (en) |
MX (1) | MX2020000328A (en) |
PH (1) | PH12020550006A1 (en) |
RU (1) | RU2763516C2 (en) |
SG (1) | SG11201912738WA (en) |
WO (1) | WO2019013886A1 (en) |
ZA (1) | ZA201908494B (en) |
Families Citing this family (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11310050B2 (en) | 2018-09-17 | 2022-04-19 | Microsoft Technology Licensing, Llc | Verifying a computing device after transport |
US10423791B2 (en) * | 2017-04-27 | 2019-09-24 | Microsoft Technology Licensing, Llc | Enabling offline restart of shielded virtual machines using key caching |
US10819696B2 (en) * | 2017-07-13 | 2020-10-27 | Microsoft Technology Licensing, Llc | Key attestation statement generation providing device anonymity |
US10447486B2 (en) * | 2017-07-19 | 2019-10-15 | Spyrus, Inc. | Remote attestation of a security module's assurance level |
EP3688948A1 (en) * | 2017-09-25 | 2020-08-05 | Telefonaktiebolaget LM Ericsson (PUBL) | Provisioning of vendor credentials |
GB2578628B (en) * | 2018-11-01 | 2021-09-15 | Trustonic Ltd | Device attestation techniques |
WO2020151831A1 (en) * | 2019-01-25 | 2020-07-30 | Huawei Technologies Co., Ltd. | Method for end entity attestation |
US11374771B2 (en) | 2019-03-08 | 2022-06-28 | Ares Technologies, Inc. | Methods and systems for implementing mixed protocol certificates |
US10742421B1 (en) | 2019-03-08 | 2020-08-11 | Ares Technologies, Inc. | Methods and systems for anonymous hardware attestation |
US10735205B1 (en) | 2019-03-08 | 2020-08-04 | Ares Technologies, Inc. | Methods and systems for implementing an anonymized attestation chain |
US11394565B2 (en) * | 2019-06-18 | 2022-07-19 | Intel Corporation | Asymmetric device attestation using physically unclonable functions |
KR20210017083A (en) * | 2019-08-06 | 2021-02-17 | 삼성전자주식회사 | Electronic device and method for generating attestation certificate based on fused key |
US11539678B2 (en) * | 2019-08-16 | 2022-12-27 | Red Hat, Inc. | Asymmetric key management for cloud computing services |
US11265721B1 (en) * | 2019-08-20 | 2022-03-01 | Facebook Technologies, Llc | Secure device attestation and mutual authentication of artificial reality devices |
US11431689B2 (en) * | 2020-01-10 | 2022-08-30 | Lennox Industries Inc. | Secure payload delivery |
WO2022006574A1 (en) * | 2020-06-29 | 2022-01-06 | Arm Cloud Technology, Inc. | Device attestation |
US11595213B2 (en) * | 2020-06-29 | 2023-02-28 | Izuma Tech, Inc. | Methods and apparatus for performing attestation |
CN111953675B (en) * | 2020-08-10 | 2022-10-25 | 四川阵风科技有限公司 | Key management method based on hardware equipment |
KR102318947B1 (en) * | 2020-08-21 | 2021-10-27 | 세종대학교산학협력단 | Method for protecting privacy data, computing device and system for executing the method |
WO2022115200A2 (en) | 2020-10-28 | 2022-06-02 | Ares Technologies, Inc. | Systems and methods for a cryptographic agile bootloader for upgradable secure environment |
US11665148B2 (en) * | 2021-03-22 | 2023-05-30 | Cisco Technology, Inc. | Systems and methods for addressing cryptoprocessor hardware scaling limitations |
US20220337431A1 (en) * | 2021-04-19 | 2022-10-20 | Apple Inc. | Privacy proofing of secure element generated certificates |
US11750384B2 (en) * | 2021-05-27 | 2023-09-05 | Microsoft Technology Licensing, Llc | Binding with cryptographic key attestation |
US20230388110A1 (en) * | 2022-05-31 | 2023-11-30 | Microsoft Technology Licensing, Llc | Using attestation client code to attest health of a computing device |
US20240007354A1 (en) * | 2022-06-30 | 2024-01-04 | Amazon Technologies, Inc. | Automatic onboarding of heterogeneous devices onto a client network |
CN117056948B (en) * | 2023-07-28 | 2024-09-27 | 威艾特科技(深圳)有限公司 | Receipt credential encryption method and device |
Family Cites Families (140)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7165174B1 (en) * | 1995-02-13 | 2007-01-16 | Intertrust Technologies Corp. | Trusted infrastructure support systems, methods and techniques for secure electronic commerce transaction and rights management |
US7631188B2 (en) * | 1997-05-16 | 2009-12-08 | Tvworks, Llc | Hierarchical open security information delegation and acquisition |
US6233685B1 (en) * | 1997-08-29 | 2001-05-15 | Sean William Smith | Establishing and employing the provable untampered state of a device |
JP2000049766A (en) * | 1998-07-27 | 2000-02-18 | Hitachi Ltd | Key managing server system |
US7194620B1 (en) * | 1999-09-24 | 2007-03-20 | Verizon Business Global Llc | Method for real-time data authentication |
US6996710B1 (en) * | 2000-03-31 | 2006-02-07 | Intel Corporation | Platform and method for issuing and certifying a hardware-protected attestation key |
US20020019938A1 (en) * | 2000-08-04 | 2002-02-14 | Aarons Michael Thomas | Method and apparatus for secure identification for networked environments |
US20020078347A1 (en) * | 2000-12-20 | 2002-06-20 | International Business Machines Corporation | Method and system for using with confidence certificates issued from certificate authorities |
US20020129261A1 (en) * | 2001-03-08 | 2002-09-12 | Cromer Daryl Carvis | Apparatus and method for encrypting and decrypting data recorded on portable cryptographic tokens |
US7925878B2 (en) * | 2001-10-03 | 2011-04-12 | Gemalto Sa | System and method for creating a trusted network capable of facilitating secure open network transactions using batch credentials |
GB2382419B (en) * | 2001-11-22 | 2005-12-14 | Hewlett Packard Co | Apparatus and method for creating a trusted environment |
US6963873B2 (en) * | 2002-01-02 | 2005-11-08 | Intel Corporation | Method and system for automatic association of a signed certificate with a certificate signing request |
CA2901250A1 (en) | 2002-07-12 | 2004-01-22 | Apple Inc. | Personal authentication software and systems for travel privilege assignation and verification |
US7181016B2 (en) * | 2003-01-27 | 2007-02-20 | Microsoft Corporation | Deriving a symmetric key from an asymmetric key for file encryption or decryption |
US20040193917A1 (en) * | 2003-03-26 | 2004-09-30 | Drews Paul C | Application programming interface to securely manage different execution environments |
US7797544B2 (en) * | 2003-12-11 | 2010-09-14 | Microsoft Corporation | Attesting to establish trust between computer entities |
US7263608B2 (en) | 2003-12-12 | 2007-08-28 | Lenovo (Singapore) Pte. Ltd. | System and method for providing endorsement certificate |
US7424610B2 (en) * | 2003-12-23 | 2008-09-09 | Intel Corporation | Remote provisioning of secure systems for mandatory control |
US7350072B2 (en) * | 2004-03-30 | 2008-03-25 | Intel Corporation | Remote management and provisioning of a system across a network based connection |
US20050251857A1 (en) * | 2004-05-03 | 2005-11-10 | International Business Machines Corporation | Method and device for verifying the security of a computing platform |
US20050278253A1 (en) * | 2004-06-15 | 2005-12-15 | Microsoft Corporation | Verifying human interaction to a computer entity by way of a trusted component on a computing device or the like |
US7055742B2 (en) * | 2004-06-29 | 2006-06-06 | Microsoft Corporation | Method for secure on-line voting |
US8356175B2 (en) * | 2005-06-29 | 2013-01-15 | Intel Corporation | Methods and apparatus to perform associated security protocol extensions |
US8417640B2 (en) * | 2005-10-31 | 2013-04-09 | Research In Motion Limited | Secure license key method and system |
US8989390B2 (en) * | 2005-12-12 | 2015-03-24 | Qualcomm Incorporated | Certify and split system and method for replacing cryptographic keys |
US7600123B2 (en) * | 2005-12-22 | 2009-10-06 | Microsoft Corporation | Certificate registration after issuance for secure communication |
US8145917B2 (en) * | 2005-12-30 | 2012-03-27 | Nokia Corporation | Security bootstrapping for distributed architecture devices |
US9135444B2 (en) * | 2006-10-19 | 2015-09-15 | Novell, Inc. | Trusted platform module (TPM) assisted data center management |
US8281389B2 (en) * | 2006-12-21 | 2012-10-02 | Seagate Technology Llc | System and method for tamper evident certification |
US8984280B2 (en) * | 2007-02-16 | 2015-03-17 | Tibco Software Inc. | Systems and methods for automating certification authority practices |
US7975290B2 (en) * | 2007-06-07 | 2011-07-05 | Alcatel Lucent | Verifying authenticity of instant messaging messages |
US7971261B2 (en) * | 2007-06-12 | 2011-06-28 | Microsoft Corporation | Domain management for digital media |
CN100566251C (en) * | 2007-08-01 | 2009-12-02 | 西安西电捷通无线网络通信有限公司 | A kind of trusted network connection method that strengthens fail safe |
US20090125996A1 (en) * | 2007-09-19 | 2009-05-14 | Interdigital Patent Holdings, Inc. | Virtual subscriber identity module |
DE102007044905A1 (en) * | 2007-09-19 | 2009-04-09 | InterDigital Patent Holdings, Inc., Wilmington | Method and device for enabling service usage and determination of subscriber identity in communication networks by means of software-based access authorization cards (vSIM) |
US8862874B2 (en) * | 2008-05-09 | 2014-10-14 | International Business Machines Corporation | Certificate distribution using secure handshake |
FR2932229B1 (en) * | 2008-06-05 | 2011-06-24 | Renault Sas | CONTROL OF THE POWER SUPPLY OF AN IGNITION CANDLE OF AN INTERNAL COMBUSTION ENGINE |
US9122895B2 (en) * | 2008-06-25 | 2015-09-01 | Microsoft Technology Licensing, Llc | Authorization for transient storage devices with multiple authentication silos |
WO2010025318A2 (en) * | 2008-08-28 | 2010-03-04 | Motorola, Inc. | Encrypting a unique cryptographic entity |
US8751791B2 (en) * | 2008-09-17 | 2014-06-10 | Motorola Solutions, Inc. | Method and device for confirming authenticity of a public key infrastructure (PKI) transaction event |
US20120137364A1 (en) | 2008-10-07 | 2012-05-31 | Mocana Corporation | Remote attestation of a mobile device |
US9621341B2 (en) * | 2008-11-26 | 2017-04-11 | Microsoft Technology Licensing, Llc | Anonymous verifiable public key certificates |
US8738932B2 (en) * | 2009-01-16 | 2014-05-27 | Teleputers, Llc | System and method for processor-based security |
CN101807998A (en) | 2009-02-13 | 2010-08-18 | 英飞凌科技股份有限公司 | Authentication |
US8544092B2 (en) | 2009-03-12 | 2013-09-24 | International Business Machines Corporation | Integrity verification using a peripheral device |
US8509448B2 (en) * | 2009-07-29 | 2013-08-13 | Motorola Solutions, Inc. | Methods and device for secure transfer of symmetric encryption keys |
US9490984B2 (en) * | 2009-09-14 | 2016-11-08 | Interdigital Patent Holdings, Inc. | Method and apparatus for trusted authentication and logon |
CN101699891B (en) * | 2009-10-21 | 2012-07-25 | 西安西电捷通无线网络通信股份有限公司 | Method for key management and node authentication of sensor network |
US8700893B2 (en) * | 2009-10-28 | 2014-04-15 | Microsoft Corporation | Key certification in one round trip |
US8327424B2 (en) * | 2009-12-22 | 2012-12-04 | Motorola Solutions, Inc. | Method and apparatus for selecting a certificate authority |
MY151315A (en) | 2010-05-07 | 2014-05-15 | Mimos Berhad | System and method for issuing endorsement key credential in trusted computing environment using local certificate authority |
US8788811B2 (en) | 2010-05-28 | 2014-07-22 | Red Hat, Inc. | Server-side key generation for non-token clients |
US20120174196A1 (en) * | 2010-12-30 | 2012-07-05 | Suresh Bhogavilli | Active validation for ddos and ssl ddos attacks |
US8806196B2 (en) * | 2011-11-04 | 2014-08-12 | Motorola Solutions, Inc. | Method and apparatus for authenticating a digital certificate status and authorization credentials |
US9754253B1 (en) * | 2011-11-28 | 2017-09-05 | Amazon Technologies, Inc. | Conditioned use of certificates |
US9413538B2 (en) * | 2011-12-12 | 2016-08-09 | Microsoft Technology Licensing, Llc | Cryptographic certification of secure hosted execution environments |
US9054871B2 (en) * | 2012-02-21 | 2015-06-09 | California Institute Of Technology | Physical key-protected one time pad |
US8782423B2 (en) | 2012-06-19 | 2014-07-15 | Microsoft Corporation | Network based management of protected data sets |
US20140006776A1 (en) * | 2012-06-29 | 2014-01-02 | Mark Scott-Nash | Certification of a virtual trusted platform module |
US9411962B2 (en) * | 2012-07-18 | 2016-08-09 | Sequitur Labs Inc. | System and methods for secure utilization of attestation in policy-based decision making for mobile device management and security |
US8782401B2 (en) | 2012-09-26 | 2014-07-15 | Intel Corporation | Enhanced privacy ID based platform attestation |
US9374228B2 (en) * | 2012-10-12 | 2016-06-21 | International Business Machines Corporation | Verifying a geographic location of a virtual disk image executing at a data center server within a data center |
US9794602B2 (en) * | 2012-10-29 | 2017-10-17 | Echostar Technologies L.L.C. | Systems and methods for securely providing streaming media content on-demand |
US9935953B1 (en) * | 2012-11-06 | 2018-04-03 | Behaviometrics Ab | Secure authenticating an user of a device during a session with a connected server |
US9077759B2 (en) * | 2013-01-18 | 2015-07-07 | Apple Inc. | Conflict resolution for keychain syncing |
US9594567B2 (en) * | 2013-02-21 | 2017-03-14 | Dell Products, Lp | Configuring a trusted platform module |
US20140259132A1 (en) * | 2013-03-06 | 2014-09-11 | Go Daddy Operating Company, LLC | System for creating a security certificate |
EP2815349B1 (en) * | 2013-03-06 | 2021-04-21 | Intel Corporation | Roots-of-trust for measurement of virtual machines |
US20140281497A1 (en) * | 2013-03-13 | 2014-09-18 | General Instrument Corporation | Online personalization update system for externally acquired keys |
US9219607B2 (en) * | 2013-03-14 | 2015-12-22 | Arris Technology, Inc. | Provisioning sensitive data into third party |
US9332002B1 (en) * | 2013-03-14 | 2016-05-03 | Amazon Technologies, Inc. | Authenticating and authorizing a user by way of a digital certificate |
CA2902285A1 (en) * | 2013-03-15 | 2014-09-18 | Ologn Technologies Ag | Systems, methods and apparatuses for remote attestation |
DE102013205051A1 (en) * | 2013-03-21 | 2014-09-25 | Siemens Aktiengesellschaft | Updating a digital device certificate of an automation device |
JP6079394B2 (en) * | 2013-04-11 | 2017-02-15 | 富士通株式会社 | Certificate generation method, certificate generation apparatus, information processing apparatus, communication device, and program |
US9094377B2 (en) * | 2013-08-16 | 2015-07-28 | Netflix, Inc. | Key generation and broadcasting |
US9998438B2 (en) | 2013-10-23 | 2018-06-12 | Microsoft Technology Licensing, Llc | Verifying the security of a remote server |
US9391980B1 (en) | 2013-11-11 | 2016-07-12 | Google Inc. | Enterprise platform verification |
US9647832B2 (en) * | 2014-01-13 | 2017-05-09 | Visa International Service Association | Efficient methods for protecting identity in authenticated transmissions |
US9680872B1 (en) * | 2014-03-25 | 2017-06-13 | Amazon Technologies, Inc. | Trusted-code generated requests |
US9652604B1 (en) * | 2014-03-25 | 2017-05-16 | Amazon Technologies, Inc. | Authentication objects with delegation |
US10049202B1 (en) * | 2014-03-25 | 2018-08-14 | Amazon Technologies, Inc. | Strong authentication using authentication objects |
US10050787B1 (en) * | 2014-03-25 | 2018-08-14 | Amazon Technologies, Inc. | Authentication objects with attestation |
US20160344725A1 (en) * | 2014-04-02 | 2016-11-24 | William B. SEVERIN | Signal haystacks |
EP2937806A1 (en) * | 2014-04-22 | 2015-10-28 | ALSTOM Renewable Technologies | Method and system for securing electronic data exchange between an industrial programmable device and a portable programmable device |
US9652631B2 (en) * | 2014-05-05 | 2017-05-16 | Microsoft Technology Licensing, Llc | Secure transport of encrypted virtual machines with continuous owner access |
US9692599B1 (en) * | 2014-09-16 | 2017-06-27 | Google Inc. | Security module endorsement |
US9716716B2 (en) * | 2014-09-17 | 2017-07-25 | Microsoft Technology Licensing, Llc | Establishing trust between two devices |
US9705879B2 (en) * | 2014-09-17 | 2017-07-11 | Microsoft Technology Licensing, Llc | Efficient and reliable attestation |
US9331989B2 (en) | 2014-10-06 | 2016-05-03 | Micron Technology, Inc. | Secure shared key sharing systems and methods |
US9900295B2 (en) * | 2014-11-05 | 2018-02-20 | Microsoft Technology Licensing, Llc | Roaming content wipe actions across devices |
US10348727B2 (en) * | 2015-02-13 | 2019-07-09 | International Business Machines Corporation | Automatic key management using enterprise user identity management |
US10015173B1 (en) * | 2015-03-10 | 2018-07-03 | Symantec Corporation | Systems and methods for location-aware access to cloud data stores |
CN107533501A (en) | 2015-03-20 | 2018-01-02 | 里维茨公司 | Use block chain automated validation appliance integrality |
WO2016168503A1 (en) * | 2015-04-15 | 2016-10-20 | Melrok, Llc | Secure broadcast systems and methods for internet of things devices |
US20160364553A1 (en) * | 2015-06-09 | 2016-12-15 | Intel Corporation | System, Apparatus And Method For Providing Protected Content In An Internet Of Things (IOT) Network |
US10230696B2 (en) * | 2015-06-09 | 2019-03-12 | Intel Corporation | System, apparatus and method for managing lifecycle of secure publish-subscribe system |
CN107683599A (en) * | 2015-06-11 | 2018-02-09 | 西门子公司 | Authorization device and method for the mandate issue of the authentication token of equipment |
US10333903B1 (en) * | 2015-06-16 | 2019-06-25 | Amazon Technologies, Inc. | Provisioning network keys to devices to allow them to provide their identity |
US9923721B2 (en) * | 2015-06-22 | 2018-03-20 | Intel IP Corporation | Key agreement and authentication for wireless communication |
CN105141593A (en) | 2015-08-10 | 2015-12-09 | 刘澄宇 | Private cloud platform secure computation method |
US10397255B1 (en) * | 2015-09-23 | 2019-08-27 | StackRox, Inc. | System and method for providing security in a distributed computation system utilizing containers |
US20170093586A1 (en) * | 2015-09-25 | 2017-03-30 | Qualcomm Incorporated | Techniques for managing certificates on a computing device |
US9906513B2 (en) * | 2015-09-28 | 2018-02-27 | Bank Of America Corporation | Network authorization system |
US9917687B2 (en) * | 2015-10-12 | 2018-03-13 | Microsoft Technology Licensing, Llc | Migrating secrets using hardware roots of trust for devices |
US9832024B2 (en) * | 2015-11-13 | 2017-11-28 | Visa International Service Association | Methods and systems for PKI-based authentication |
US9740867B2 (en) * | 2015-11-16 | 2017-08-22 | Dell Products, L.P. | Securely passing user authentication data between a pre-boot authentication environment and an operating system |
US10009179B2 (en) * | 2015-11-30 | 2018-06-26 | Microsoft Technology Licensing, Llc | Trusted platform module (TPM) protected device |
US10169591B2 (en) * | 2015-12-07 | 2019-01-01 | Amazon Technologies, Inc. | Chained security systems |
US10536271B1 (en) * | 2016-01-10 | 2020-01-14 | Apple Inc. | Silicon key attestation |
US10341325B2 (en) * | 2016-01-29 | 2019-07-02 | Vmware, Inc. | System and method for transferring device identifying information |
US10169602B2 (en) * | 2016-02-22 | 2019-01-01 | Dell Products, L.P. | Method for local key management setup and recovery |
US10412191B1 (en) * | 2016-03-30 | 2019-09-10 | Amazon Technologies, Inc. | Hardware validation |
US10277407B2 (en) * | 2016-04-19 | 2019-04-30 | Microsoft Technology Licensing, Llc | Key-attestation-contingent certificate issuance |
US11256746B2 (en) * | 2016-04-25 | 2022-02-22 | Oracle International Corporation | Hash-based efficient secondary indexing for graph data stored in non-relational data stores |
GB201607476D0 (en) * | 2016-04-29 | 2016-06-15 | Eitc Holdings Ltd | Operating system for blockchain IOT devices |
US10447467B2 (en) * | 2016-05-04 | 2019-10-15 | International Business Machines Corporation | Revocable PKI signatures |
US9916452B2 (en) * | 2016-05-18 | 2018-03-13 | Microsoft Technology Licensing, Llc | Self-contained cryptographic boot policy validation |
US10115250B2 (en) * | 2016-05-23 | 2018-10-30 | Fuji Xerox Co., Ltd. | Systems and methods for location enabled electronic lock controls |
US10135622B2 (en) * | 2016-06-03 | 2018-11-20 | Intel Corporation | Flexible provisioning of attestation keys in secure enclaves |
US10601787B2 (en) * | 2016-06-06 | 2020-03-24 | Cisco Technology, Inc. | Root of trust of geolocation |
US10708067B2 (en) * | 2016-06-18 | 2020-07-07 | Intel Corporation | Platform attestation and registration for servers |
US20180007037A1 (en) * | 2016-07-01 | 2018-01-04 | Kenneth Wade Reese | Transaction-specific shared secret in one-time password device |
US10135921B2 (en) * | 2016-09-20 | 2018-11-20 | Keir Finlow-Bates | System and method for announcing cryptographic keys on a blockchain |
US10733284B2 (en) * | 2016-10-06 | 2020-08-04 | Samsung Electronics Co., Ltd. | Trusted execution environment secure element communication |
US10498712B2 (en) * | 2016-11-10 | 2019-12-03 | Ernest Brickell | Balancing public and personal security needs |
US10447681B2 (en) * | 2016-12-07 | 2019-10-15 | Vmware, Inc. | Secure asymmetric key application data sharing |
US10574648B2 (en) * | 2016-12-22 | 2020-02-25 | Dashlane SAS | Methods and systems for user authentication |
US10229270B2 (en) * | 2016-12-23 | 2019-03-12 | Amazon Technologies, Inc. | Host attestation |
US20180183578A1 (en) * | 2016-12-27 | 2018-06-28 | Intel Corporation | Provisioning keys for virtual machine scaling |
US20180183586A1 (en) * | 2016-12-28 | 2018-06-28 | Intel Corporation | Assigning user identity awareness to a cryptographic key |
US10530777B2 (en) * | 2017-01-24 | 2020-01-07 | Microsoft Technology Licensing, Llc | Data unsealing with a sealing enclave |
US11036875B2 (en) * | 2017-01-24 | 2021-06-15 | Microsoft Technology Licensing, Llc | Dependent enclave binaries |
US11405177B2 (en) * | 2017-01-24 | 2022-08-02 | Microsoft Technology Licensing, Llc | Nested enclave identity |
US11443033B2 (en) * | 2017-01-24 | 2022-09-13 | Microsoft Technology Licensing, Llc | Abstract enclave identity |
US20180241572A1 (en) * | 2017-02-22 | 2018-08-23 | Intel Corporation | Techniques for remote sgx enclave authentication |
US10341864B2 (en) * | 2017-03-03 | 2019-07-02 | Verizon Patent And Licensing Inc. | Network-based device registration for content distribution platforms |
US20180287920A1 (en) * | 2017-03-30 | 2018-10-04 | Ca, Inc. | Intercepting application traffic monitor and analyzer |
US10397005B2 (en) * | 2017-03-31 | 2019-08-27 | Intel Corporation | Using a trusted execution environment as a trusted third party providing privacy for attestation |
US10440006B2 (en) * | 2017-06-21 | 2019-10-08 | Microsoft Technology Licensing, Llc | Device with embedded certificate authority |
US10819696B2 (en) * | 2017-07-13 | 2020-10-27 | Microsoft Technology Licensing, Llc | Key attestation statement generation providing device anonymity |
-
2017
- 2017-07-13 US US15/649,085 patent/US10819696B2/en active Active
-
2018
- 2018-05-28 MX MX2020000328A patent/MX2020000328A/en unknown
- 2018-05-28 BR BR112020000220-8A patent/BR112020000220A2/en unknown
- 2018-05-28 SG SG11201912738WA patent/SG11201912738WA/en unknown
- 2018-05-28 AU AU2018299716A patent/AU2018299716B2/en active Active
- 2018-05-28 CN CN201880046669.0A patent/CN110892672B/en active Active
- 2018-05-28 KR KR1020207000801A patent/KR102451109B1/en active IP Right Grant
- 2018-05-28 CA CA3067540A patent/CA3067540A1/en active Pending
- 2018-05-28 WO PCT/US2018/034795 patent/WO2019013886A1/en active Application Filing
- 2018-05-28 IL IL271812A patent/IL271812B2/en unknown
- 2018-05-28 EP EP18731699.7A patent/EP3652882A1/en active Pending
- 2018-05-28 JP JP2020501161A patent/JP7077394B2/en active Active
- 2018-05-28 RU RU2020106575A patent/RU2763516C2/en active
-
2019
- 2019-12-19 ZA ZA2019/08494A patent/ZA201908494B/en unknown
-
2020
- 2020-01-02 PH PH12020550006A patent/PH12020550006A1/en unknown
- 2020-01-08 CO CONC2020/0000162A patent/CO2020000162A2/en unknown
- 2020-01-10 CL CL2020000081A patent/CL2020000081A1/en unknown
- 2020-08-27 US US17/004,929 patent/US11750591B2/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN110892672A (en) | 2020-03-17 |
KR20200027500A (en) | 2020-03-12 |
US20190020647A1 (en) | 2019-01-17 |
NZ759830A (en) | 2023-10-27 |
MX2020000328A (en) | 2020-07-13 |
CO2020000162A2 (en) | 2020-01-17 |
JP7077394B2 (en) | 2022-05-30 |
IL271812B2 (en) | 2024-01-01 |
RU2020106575A (en) | 2021-08-13 |
SG11201912738WA (en) | 2020-01-30 |
JP2020527305A (en) | 2020-09-03 |
EP3652882A1 (en) | 2020-05-20 |
US20200396217A1 (en) | 2020-12-17 |
AU2018299716B2 (en) | 2023-09-21 |
ZA201908494B (en) | 2021-03-31 |
US11750591B2 (en) | 2023-09-05 |
WO2019013886A1 (en) | 2019-01-17 |
KR102451109B1 (en) | 2022-10-07 |
US10819696B2 (en) | 2020-10-27 |
IL271812A (en) | 2020-02-27 |
RU2763516C2 (en) | 2021-12-30 |
AU2018299716A1 (en) | 2020-01-02 |
CA3067540A1 (en) | 2019-01-17 |
RU2020106575A3 (en) | 2021-08-13 |
IL271812B1 (en) | 2023-09-01 |
CL2020000081A1 (en) | 2020-07-31 |
CN110892672B (en) | 2023-10-20 |
BR112020000220A2 (en) | 2020-07-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
PH12020550006A1 (en) | Key attestation statement generation providing device anonymity | |
WO2015134760A3 (en) | Secure hardware for cross-device trusted applications | |
TW201612787A (en) | Network authentication method for secure electronic transactions | |
SG10201901366WA (en) | Key exchange through partially trusted third party | |
GB2573666A (en) | Verifying authenticity of computer readable information using the blockchain | |
RU2018103181A (en) | CONFIDENTIAL AUTHENTICATION AND SECURITY | |
WO2016057086A3 (en) | Common modulus rsa key pairs for signature generation and encryption/decryption | |
MX2021002895A (en) | Authentication of internet of things devices, including electronic locks. | |
MY181840A (en) | Devices and methods for client device authentication | |
AU2018256568A1 (en) | Systems and methods for software based encryption | |
GB2572088A8 (en) | Controlling access to a locked space using cryptographic keys stored on a blockchain | |
BR112017003018A2 (en) | secure provision of an authentication credential | |
GB2566874A (en) | Method for obtaining vetted certificates by microservices in elastic cloud environments | |
MX2017003533A (en) | Establishing trust between two devices. | |
MX2019008945A (en) | Origin certificate based online certificate issuance. | |
WO2011056321A3 (en) | Key certification in one round trip | |
MX2016014461A (en) | Provisioning drm credentials on a client device using an update server. | |
RU2017106105A (en) | METHODS FOR SAFE Cryptogram Generation | |
JP2017530586A5 (en) | ||
RU2016104645A (en) | METHOD OF AUTHORIZATION OF THE OPERATION INTENDED FOR PERFORMANCE ON THE TASKED COMPUTER DEVICE | |
EA201790385A1 (en) | METHOD OF DIGITAL SIGNATURE OF ELECTRONIC FILE AND METHOD OF AUTHENTICATION | |
JP2017513265A5 (en) | ||
GB201221433D0 (en) | A method and system of providing authentication of user access to a computer resource on a mobile device | |
JP2016510564A5 (en) | ||
IN2014MU00771A (en) |